Threat intelligence survey: 43 percent only share info internally

Many information security pros said threats discovered were shared strictly within the organization, but 81 percent wanted more public-to-private sector sharing.

While 43 percent of security professionals said that they only share information about threats they discover at work internally, a much larger showing, 81 percent, called for more government-to-private sector sharing, a new survey said.

More than 300 security practitioners participated in the survey, which was conducted by AlienVault at the Infosecurity Europe 2015 conference in London last month. According to the company, the survey was carried out to “paint a picture of how threat intelligence is obtained, utilized and shared,” the report [PDF], released Tuesday, said.

Organizations likely chose to keeping threat intelligence to themselves because “people are unwilling to expose sensitive information about their company, therefore restricting the sharing of intelligence to only those parties it trusts,” the survey explained. The report also argued, however, that there are still ways to share threat intelligence without exposing confidential data, including disclosing hash values, domain names and suspicious IP addresses to outside parties that might also be vulnerable to similar threats.

While 43 percent of respondents said they shared threat intelligence only within the organization, 40.2 percent said they would share such information with “trusted peers” or the “closed community.” Around 20 percent of participants said they shared threat intelligence with the government sector, and only 7.6 percent (25 respondents) said they publicly shared threat intelligence.

Though only 67 respondents (20.4 percent) said they shared threat intelligence with the government, 266 respondents (81.1 percent) felt that the government should share more threat intelligence with the private sector, the survey noted.

Also, when asked how they viewed the government in regard to it “protecting your business from hostile nations and major threats,” the response that received the largest number of votes (34 percent, or 112 respondents) was as a “trusted partner.” Around 23 percent of participants (77 respondents) said, however, that the government “consumes threat intelligence but doesn't share.”